623fc67a8affc4fb7f282a07e485c7ab84d4381ad6816e2618fe99c62ae7d4ca

Sharing

Copy URL Twitter E-mail

General

Target

623fc67a8affc4fb7f282a07e485c7ab84d4381ad6816e2618fe99c62ae7d4ca
Size

88KB
MD5

731caf339dd4700138e4c073de1caa20
SHA1

5cee4b27e3dc4a34a24f136f422e0f6a10c22058
SHA256

623fc67a8affc4fb7f282a07e485c7ab84d4381ad6816e2618fe99c62ae7d4ca
SHA512

063f789b91682817de30f81ca3a81a9be0b53337561a5f08d64e4393290eda26e730a4848a3cab3d49ff9475b155545a55648b77987a0cde27b469c76f26eef5
SSDEEP

1536:Jl+fsZwST4S5XRTBGIiNSOnJg/891D4P35H4xfvTMyXraIjPl+:Jl+kZwSZ5BTBGIiNNg/8rD63p4xfvTMw

Score

N/A

Malware Config

Signatures

Files

623fc67a8affc4fb7f282a07e485c7ab84d4381ad6816e2618fe99c62ae7d4ca
.exe windows x86

0b15ca6db1754d49a6acb8ef0e5d68fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
GetCurrentProcess
SetPriorityClass
GetEnvironmentVariableA
GetShortPathNameA
GetTickCount
ExitProcess
CloseHandle
ReleaseMutex
OpenMutexA
lstrlenA
lstrcpynA
OutputDebugStringA
Sleep
WaitForSingleObject
FindClose
WriteFile
FindFirstFileA
ReadFile
VirtualAlloc
GetFileSize
SetThreadPriority
SetFilePointer
LockResource
LoadResource
FindResourceA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
GlobalAlloc
GetFileAttributesA
GetModuleHandleA
GetLastError
MoveFileExA
GetWindowsDirectoryA
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
CreateProcessA
TerminateProcess
ExitThread
CreateThread
lstrcmpA
GetLocalTime
WinExec
GetModuleFileNameA
LoadLibraryA
CreateFileA
GetProcAddress
GetStartupInfoA

user32

GetDesktopWindow
wsprintfA

advapi32

StartServiceCtrlDispatcherA
RegOpenKeyExA
OpenSCManagerA
OpenServiceA
DeleteService
CloseServiceHandle
RegQueryValueExA

shell32

ShellExecuteA
SHChangeNotify
ShellExecuteExA

ws2_32

closesocket
send
select
__WSAFDIsSet
setsockopt
socket
connect
gethostname
gethostbyname
WSACleanup
WSAStartup
inet_ntoa
htonl
recv
sendto
inet_addr
htons

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

msvcrt

strstr
??2@YAPAXI@Z
??3@YAXPAX@Z
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
strchr
rand
free
realloc
malloc
strlen
__CxxFrameHandler
_CxxThrowException
sprintf
memset
memcpy
atoi
strncpy
strcspn
strncmp
strcpy
localtime
time
_except_handler3
exit
strcat
strcmp

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zzbkzhh
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0b15ca6db1754d49a6acb8ef0e5d68fa

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

shlwapi

iphlpapi

msvcrt

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 36KB - Virtual size: 36KB

zzbkzhh Size: - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 36KB - Virtual size: 36KB

zzbkzhh
Size: - Virtual size: 4KB